Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Dr. Roy Schestowitz

2015-02-07 21:53:44 UTC
Modified: 2015-02-07 21:53:44 UTC

Skulls

Summary: Parasites that take advantage of public panic and lack of comprehension are occupying paper space, as usual

LAST WEEK we wrote about the overblown threat called/dubbed "GHOST" (all capital letters) by the company seeking to make money from it despite being only the third to discover it and knowing it was not much of a big deal. We have not yet heard about any major exploit, which pretty much can be said about the OpenSSL bug as well (this one too was discovered by two entities before a Microsoft-connected firm irresponsibly publicised it, giving it a name and a logo to sell its own services and spread FOSS-hostile FUD for many months to come). What unifies the GLibC and OpenSSL bugs is that they got "brand recognition" very quickly. It was like a marketing campaign rather than a non-alarmist discussion about security -- something that non-technical/technically-illiterate journalists would surely fail at.

"As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame."Days ago we saw the most FOSS-hostile IDG Web site becoming a platform of Black Duck, a Microsoft-connected firm that sells proprietary software by spreading and accentuating fear of FOSS. The article at hand uses bugs with "branding" to spook FOSS users while Black Duck, paying to publish this self-promotional press release on the same day, is still pretending to be an authority in FOSS.

The bugs with "branding" were also exploited by Veracode in this article (on the same day) and as Eric Lorenzo pointed out: "If businesses don't update legacy software, often they will will have bugs fixed in later versions! Shock!"

"I wonder what percentage of businesses are using obsolete Windows without updates," he added.

As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame. It not only sports back doors but is also badly designed and won't patch known critical holes. It is basically designed to be not secure.

When it comes to reporting on computer security, the corporate press has almost zero legitimacy. All it knows is brands and it is eager to promote corporate partners that piggyback those brands (like "heartbleed") or stories (Anthem, Sony, etc.), claiming to be experts and offering remedies other than patches which were already issued and are free to apply by all. ⬆

XBox Consoles Nearly Dead by Now, the 'XBox' (ex-Box) Brand Now Stands for Something Full of Slop, Spam, Filler, and Chaff: We're seeing the last day (maybe year) of "XBox"
Fake IBM Retirements (IBM Gives Older Workers Ultimatums, Deadlines, and Carrots on Sticks): As they point out, IBM is desperate to lower costs
Richard Stallman's Experiences With 'Cancel Brigades' Ought to Educate Linus Torvalds: Now they talk about "if Linus dies" scenarios
Links 26/01/2026: Financial Stress in German Farms and Germany Wants to Take Its Gold Reserves Out of the US: Links for the day
Gemini Links 26/01/2026: "Lack of Meaningful Things" and Getting Back to Programming: Links for the day
Strong Correlation Between the Slop Ponzi Scheme (or Bubble) and Major Disasters: BitCoin ruins the planet; so does slop
We Will Never Allow the "Alicante Mafia" to Hide "Cocainegate": transparency typically scares malicious actors
Fewer Involuntary Interruptions This Year: This year we're doing much better
Prisons Are for Dangerous People Who Pose a Threat to the Public, Not People Who Inform the Public: At the end of the week EPO workers go on strike
Microsoft Loses Grip on Indian Ocean: Many countries, including in older allies of the US (such as Canada and the US), look for ways to get out of Microsoft dependence urgently
The Great "AI" CON Explained by Dr. Andy Farnell: LLMs are basically advertisers of sorts
Links 26/01/2026: "Journalists Detained", in Germany "Unjustly Jailed Man Gets €1.3 Million Compensation": Links for the day
Red Hat Quietly Going Extinct After Bluewashing in 2026: At this point it would be rather foolish to assume that IBM will let Red Hat just "do its own thing" or maintain its corporate culture, identity, projects etc.
The "Alicante Mafia" - Part XII - Kris De Neef and Roberta Romano-Götsch, Who Stepped in for the Cokehead, Have No Comment on His Cocaine Usage (and the EPO's Cover-up): Sh-t floats to the top.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, January 25, 2026: IRC logs for Sunday, January 25, 2026
Gemini Links 26/01/2026: Cold Perception, Software Patches in NixOS, and Sunk Cost Fallacy: Links for the day
Linuxiac is Basically a Fake News Site, But It's Being Fed by Google News: Because Google News is run by Google, a slop pusher
Links 25/01/2026: Slop "Tribalism", Nike Apparently Cracked: Links for the day
Claims That PIPs Are Abused for Silent Mass Layoffs at IBM (Without Severance) or Forced Retirements: Performance Improvement Plans (PIPs) "clearly bogus as everyone on my team who has been on one has been fired"
WebM Version of Richard Stallman's Latest Talk (Georgia Tech Talk): The file size is smaller
After Half a Decade Vista 11 is Still a Giant Failure: Don't expect Microsoft to gain a foothold
Details on IBM Layoffs in the EU Last Week, Same Allegedly Coming to the US Shortly: "Around 50 people affected in Belgium."
Technology Trends Driven by DRM Giants, Planned Obsolescence, Not the Needs of the Buyers: The "pushers" think of customers as "users"; and they encourage passivity, Stockholm Syndrome
Links 25/01/2026: Microsoft BitLocker Backdoored for Decades Already, Microsoft-Backed ICE Still Murders Civilians: Links for the day
Gemini Links 25/01/2026: "Expert in a Dying Field" and Global Commands: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, January 24, 2026: IRC logs for Saturday, January 24, 2026
After the Slop Bubble: At the end, looking back, we'll all generally understand that the net effort of slop was environmental destruction
IBM CEO Says IBM is Just Reliant on Buzzwords That Are Overhyped: IBM has nothing to show anymore and telling fairytales to shareholders is a temporary 'fix'
The "Alicante Mafia" - Part XI - No Comment From Steve Rowan, Niloofar Simon, and Christoph Ernst About Cocaine Inside EPO: What kind of patent office is this?
Projection of Fanatic From Microsoft: Microsoft Lunduke is pandering to the 4Chan 'crowd'
Digg.com (Digg) is a Censorship Platform, Just Another Social Control Media/Network, Controlled by the Few: We are not going to bother with any social control media
Spam, Slop, and Fake 'Articles' Regarding "Linux": Serial Sloppers like these are harming real reporting about Linux and GNU
Rape investigation dropped: Will Fowles & ALP transgender deception: Reprinted with permission from Daniel Pocock
Diversity, Grooming & Debian transgender Zero: Reprinted with permission from Daniel Pocock
Pauline / Maria / Alice Climent(-Pommeret) & Debian transgender offensive cybersecurity deception: Reprinted with permission from Daniel Pocock
Did judge with transgender sister & Debian conflict of interest help cover-up a death?: Reprinted with permission from Daniel Pocock
Giving a Voice to the Community (Even When It's Inconvenient or 'Scary'): Once upon a time we were threatened with deplatforming for merely reposting articles by Daniel Pocock; we no longer have this problem
Links 24/01/2026: CBS News Demolished From the Inside and Many Publishers Admit Layoffs: Links for the day
Gemini Links 24/01/2026: Dreams and Raspberry Pi Zero 2W: Links for the day
Richard Stallman's First Talk in US College Since 2018: Videos and Photos: There are some backstories
Judge Richard Oulevey (Grandcour Choeur, Tribunal Vaud) & Debian shaming abuse victims and witnesses: Reprinted with permission from Daniel Pocock
Judgment: French army vanquishes German FSFE on Hitler's birthday, Microsoft contract dispute (1716711): Reprinted with permission from Daniel Pocock
EDPB/CNIL privacy expert Amandine Jambert (cryptie, FSFE) implicitly admitted lying about harassment when she resigned admitting conflict of interest: Reprinted with permission from Daniel Pocock
Links 24/01/2026: TikTok Controlled by Alt Reich in US Now, White House Shares Fake, Manipulated, Misleading Images Already: Links for the day
Projection Tactics - Part IV: SLAPP by Americans Against Techrights (UK) to Hide Serious Abuses Against American Women: "PRs need to stop being complicit in suppression of information via SLAPPs"
Dirty Laundry at Debian and Elsewhere: We cannot just brush aside real issues involving real people and their families
Illegal, Unconstitutional Kangaroo Court for Patents Drops the Masks, Shows Its Real Purpose is to Serve Multinational Monopolists and Crush European SMEs: Europe (or the EU) is rapidly becoming a corporate project, not a unified governance initiative
The "Alicante Mafia" - Part X - EPO Strikes to Begin Next Week: Things gradually escalate this month
Gemini Links 24/01/2026: Snow, Boxing, and Lisp is Fun: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, January 23, 2026: IRC logs for Friday, January 23, 2026

Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Recent Techrights' Posts